Uploaded image for project: 'Cassandra'
  1. Cassandra
  2. CASSANDRA-8957

Move TRUNCATE from MODIFY to DROP permission group

    XMLWordPrintableJSON

Details

    • Improvement
    • Status: Resolved
    • Normal
    • Resolution: Duplicate
    • None
    • None
    • None

    Description

      Cassandra currently has 6 permissions:
      ALTER: required for ALTER KEYSPCE, ALTER TABLE, CREATE INDEX, DROP INDEX
      AUTHORIZE: required for GRANT, REVOKE
      CREATE: required for CREATE KEYSPACE, CREATE TABLE
      DROP: required for DROP KEYSPACE, DROP TABLE
      MODIFY: required for INSERT, DELETE, UPDATE, TRUNCATE
      SELECT: required for SELECT

      It seems incorrect to lump TRUNCATE with INSERT, DELETE, UPDATE. Every normal user typically does INSERT, DELETE, UPDATE. However a normal user does not need TRUNCATE. We want to prevent normal user accidentally truncating their tables in production. It is better to group TRUNCATE with other destructive operations such as DROP KEYSPACE, DROP TABLE.

      Proposal: Move TRUNCATE from MODIFY to DROP permission group

      Proposed 6 permissions looks like this:
      ALTER: required for ALTER KEYSPCE, ALTER TABLE, CREATE INDEX, DROP INDEX
      AUTHORIZE: required for GRANT, REVOKE
      CREATE: required for CREATE KEYSPACE, CREATE TABLE
      DROP: required for DROP KEYSPACE, DROP TABLE, TRUNCATE
      MODIFY: required for INSERT, DELETE, UPDATE
      SELECT: required for SELECT

      Attachments

        Issue Links

          Activity

            People

              Unassigned Unassigned
              vkasar Vishy Kasar
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: